Re: Certified C compilers for safety-critical embedded systems

From: CBFalconer (cbfalconer_at_yahoo.com)
Date: 12/30/03


Date: Tue, 30 Dec 2003 18:31:05 GMT

Martin Krischik wrote:
>
... snip ...
>
> The claim here in the group is that by use of a static analysis
> tool the C code can be made as secure as the Ada code.

I don't think anyone knowledgeable is seriously making such a
claim. However, nobody knowledgeable would make the claim that
assembly language is unnecessary either, and similarly C is
extremely useful as a lingua franca extending over many systems.

As has been pointed out elsethread, it is possible to translate
Ada to C, which immediately takes advantage of the de facto
portability, but gives up some compile time efficiency and
convenience. After all, the usual function of a C compiler is to
translate a C program to assembly language, except that that
destination is not standardized.

Implementation of run-time checks may require that the C code make
extensive use of system subroutines. It may not be possible to
use "a = b + c;" statements. At the same time the full C library
is probably not needed, and can be heavily pruned for Ada use.

-- 
Chuck F (cbfalconer@yahoo.com) (cbfalconer@worldnet.att.net)
   Available for consulting/temporary embedded and systems.
   <http://cbfalconer.home.att.net>  USE worldnet address!
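The point about "a = b + c;" above is that an Ada assignment carries overflow and subtype range checks that a bare C expression does not, and that signed overflow in C is undefined behaviour rather than a detectable event. The following is an added illustration, not code from the post or from any Ada-to-C translator: it shows what the translated statement turns into once those checks are emitted as calls to checked subroutines. The names checked_add, checked_assign_range, percent_add and the check_status enum are constructed for this example.

```c
#include <limits.h>
#include <stdio.h>

/* Status an Ada-to-C translation might return in place of raising
   Constraint_Error (hypothetical names, constructed for this example). */
enum check_status { CHECK_OK = 0, CHECK_OVERFLOW = 1, CHECK_RANGE = 2 };

/* Checked signed addition: stores a + b into *result only if the sum
   fits in int. Signed overflow is undefined behaviour in C, so the
   test is done on the operands before adding, never on a wrapped sum. */
enum check_status checked_add(int a, int b, int *result)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return CHECK_OVERFLOW;
    *result = a + b;
    return CHECK_OK;
}

/* Range check for a constrained subtype, e.g. Ada's
   "subtype Percent is Integer range 0 .. 100". */
enum check_status checked_assign_range(int value, int low, int high, int *dest)
{
    if (value < low || value > high)
        return CHECK_RANGE;
    *dest = value;
    return CHECK_OK;
}

/* What "A := B + C;" with A : Percent becomes once both checks are
   emitted: the arithmetic and the assignment each go through a
   subroutine instead of a single C expression statement. */
enum check_status percent_add(int b, int c, int *a)
{
    int sum;
    enum check_status st = checked_add(b, c, &sum);
    if (st != CHECK_OK)
        return st;
    return checked_assign_range(sum, 0, 100, a);
}

int main(void)
{
    int a = 0;
    printf("40 + 50      -> status %d, a = %d\n", percent_add(40, 50, &a), a);
    printf("70 + 50      -> status %d (out of Percent range)\n",
           percent_add(70, 50, &a));
    printf("INT_MAX + 1  -> status %d (overflow)\n",
           percent_add(INT_MAX, 1, &a));
    return 0;
}
```

The translated code never executes the addition when it would overflow, which is what makes the check meaningful in C; a check placed after the addition would already be inspecting the result of undefined behaviour, and an optimising compiler is entitled to delete it.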
